gzip contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered by a parsing flaw in the -N option of gzip that may allow an attacker to create an archive that writes to an arbitrary location on the system. This flaw may lead to a loss of integrity.

Multiple vendors have released upgrades to address this vulnerability. Check the vendor advisory, changelog, or solution in the references section for details.

• SCIP VulDB ID: 1410
• Secunia Advisory ID: 15047 15308 15424 15655 15937 16030 16152 16643 17645 18100 21253
• CVE ID: 2005-1228 (see also: NVD)
• ISS X-Force ID: 20199
• Other Advisory URL: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:11.gzip.asc http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000974
  http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:092
  http://security.gentoo.org/glsa/glsa-200505-05.xml
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1
  http://www.debian.org/security/2005/dsa-752
• Vendor Specific Advisory URL: ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt http://docs.info.apple.com/article.html?artnum=304063
  http://rhn.redhat.com/errata/RHSA-2005-357.html
  http://support.avaya.com/elmodocs2/security/ASA-2005-172.pdf
  http://www.ipcop.org/modules.php?op=modload&name=News&file=article&sid=21&mode=thread&order=0&thold=0
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0305.html
• Vendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305255
• Vendor URL: http://www.gzip.org/
• Keyword: SCOSA-2005.49

• Ulf Härnhammar - Debian Security Audit Project